HTML::StripTags provides the function strip_tags() that can strip all HTML or XML tags from a string except the given allowed tags. This is a Perl port of the PHP function strip_tags() based on PHP 5.3.3.

Please note: As per http://htmlpurifier.org/comparison#striptags PHP's strip_tags() is a very basic and unsafe method, so it's strongly recommended not to use it for cleaning up user input! As HTML::StripTags uses the same state machine, the same applies to this module.

State 0 is the output state, state 1 means we are inside a normal html tag, state 2 means we are inside a php tag, state 3 means we are inside a "<!--", case 4 means we are inside the following JavaScript/CSS/etc. tag.

When an allow string is passed in we keep track of the string in state 1 and when the tag is closed check it against the allow string to see if we should allow it.

Please report any bugs or feature requests to <hinnerk at cpan.org>, or through the GitHub web interface at http://github.com/hinnerk-a/perl-strip_tags/issues. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.